Tutorial on Secure Enterprise-wide Identity Management and Role Modeling

Ludwig Fuchs, University of Regensburg, Germany

In today’s increasingly open business environment, companies provide access to resources to a greater number of users, and more heterogeneous types of users, than ever before. As a result of improper account management, users accumulate a number of excessive rights over time, resulting in the so-called identity chaos. Studies show that major security problems and compliance violations arise because employees gain unauthorized access to resources when user accounts are handled manually. Role-based Identity Management (IdM) has become a means to solve the identity chaos. It is concerned with the storage, administration, and usage of digital identities during their lifecycle in the organization. Roles, acting as an intermediary between employees and their access rights, are an essential element of IdM. They allow organizations to ease and secure provisioning processes, i.e. the allocation of digital and non-digital assets to employees, and access to resources.

The tutorial motivates the benefits and challenges of role-based Identity Management within enterprises by focusing on the task of role modeling, i.e. the definition of suitable business roles for employees. It provides detailed information about current research trends and bridges the gap to practical usage in industry projects by giving insight into a tool-supported methodology for cleansing identity-related data and modeling business roles.

Dr. Ludwig Fuchs

Ludwig Fuchs studied Information Systems (Wirtschaftsinformatik) at the University of Regensburg, Germany, and completed his dissertation in the area in 2009. Between 2004 and 2009 he studied and researched at the University of York (UK) and the University of Texas (San Antonio, USA) together with well-known academics in the field of IT security (e.g. Prof. Dr. Ravi Sandhu, “RBAC”). His main research interest is Identity Management within mid-sized and large organizations. Over the last seven years, Ludwig Fuchs gathered practical and academic experience and published the results at several international IT security conferences and in journals.

His expert knowledge has additionally been underlined through his work in several industry projects, bridging the gap between practical requirements and the latest academic research results.